CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Daily CyberSecurity
PoC Exploit Publicly Disclosed: Windows ‘libarchive’ Flaw Leaks NetNTLMv2 Hashes
Security researchers Len Sadowski and Oğuz Bektaş have publicly pulled back the curtain on a vulnerability within Windows’ implementation of libarchive. The flaw, tracked as CVE-2025-59284, demonstrat ...
-
Daily CyberSecurity
High-Severity ingress-nginx Flaw Exposes Kubernetes Secrets
A high-severity security flaw has been identified in ingress-nginx, a widely used Ingress controller for Kubernetes clusters. The vulnerability, tracked as CVE-2026-4342 with a CVSS score of 8.8, coul ...
-
CybersecurityNews
CISA Warns of Cisco Secure Firewall Management Center 0-Day Exploited in Ransomware Attacks
CISA Warns Cisco Secure Firewall Management Center 0-Day Exploit An urgent warning highlights a critical zero-day in Cisco products, now added to the CISA Known Exploited Vulnerabilities Catalog after ...
-
CybersecurityNews
Critical Jenkins Vulnerabilities Expose CI/CD Servers to RCE Attacks
Jenkins Vulnerabilities Expose CI/CD Servers A critical security advisory addressing multiple high-severity vulnerabilities in Jenkins core and the LoadNinja plugin. Issued on March 18, 2026, the aler ...
-
CybersecurityNews
Bamboo Data Center and Server Vulnerability Let Attackers Execute Remote Code
Bamboo Data Center and Server Vulnerability A high-severity security flaw has been addressed in Bamboo Data Center, an enterprise platform widely used for software build and release management.Tracked ...
-
Help Net Security
Unpatched ScreenConnect servers open to attack (CVE-2026-3564)
ConnectWise has patched a critical vulnerability (CVE-2026-3564) that could enable attackers to hijack ScreenConnect sessions by abusing ASP.NET machine keys to forge trusted authentication. About CVE ...
-
TheCyberThrone
CISA Adds CVE-2026-20131 to KEV that was Weaponized for 36 Days
A maximum-severity RCE flaw in Cisco’s Secure Firewall Management Center was silently weaponized by the Interlock ransomware group for over a month before anyone knew it existed — a textbook pre-discl ...
-
Daily CyberSecurity
The Invisible Breach: ‘Operation GhostMail’ Uses Zero-Click XSS to Hijack Ukrainian Webmail
Image: Seqrite Labs A sophisticated cyberespionage campaign, dubbed Operation GhostMail, has been detected targeting critical government infrastructure in Ukraine. Security researchers at Seqrite Labs ...
-
The Cyber Express
Android Malware Campaign Targets Indian Users via Fake eChallan Alerts
A new Android malware campaign targeting Indian users has been reported by the Indian Computer Emergency Response Team, CERT-In. According to the agency, multiple reports indicate a coordinated effort ...
-
Daily CyberSecurity
The Silent Leak: Critical 9.1 CVSS Spring Security Flaw Strips Away Vital HTTP Headers
A critical-severity security flaw has been identified in Spring Security, the industry-standard framework for securing Java-based enterprise applications. The vulnerability, tracked as CVE-2026-22732 ...